| RSS |
| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
Don't everyone chime in with solutions at once :-) Another couple of pieces to the puzzle: 1) This behavior seems to have begun after our last update cycle (Feb '08) 2) I can fix the problem with the "su" file from RH AS 3: auth sufficient /lib/security/$ISA/pam_rootok.so# Uncomment the following line to implicitly trust users in the "wheel" group. #auth sufficient /lib/security/$ISA/pam_wheel.so trust use_uid # Uncomment the following line to require a user to be in the "wheel" group. #auth required /lib/security/$ISA/pam_wheel.so use_uid auth required /lib/security/$ISA/pam_stack.so service=system-auth account required /lib/security/$ISA/pam_stack.so service=system-auth password required /lib/security/$ISA/pam_stack.so service=system-auth session required /lib/security/$ISA/pam_stack.so service=system-auth
session optional /lib/security/$ISA/pam_xauth.so With this file in place, su behaves as expected: 1) the login failure tally only increments when the wrong password is supplied 2) the login failure tally is reset to 0 once a successful login is achieved 3) once the tally maximum is achieved, no further logins or su's to the account are allowed until the tally is reset.I'll stick with the old PAM stack for su for now as a workaround.
Russell _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
[Home] [Kernel List] [Red Hat Install] [Linux for the blind] [Red Hat Watch List] [Gimp] [Kerberos: The Definitive Guide]
|
|